"Christopher Schultz" <ch...@christopherschultz.net> wrote in message news:4b070643.1070...@christopherschultz.net... > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Rainer, > > On 11/20/2009 1:09 PM, Rainer Jung wrote: >> On 20.11.2009 17:20, Christopher Schultz wrote: >>> I'm having trouble getting a client certificate chain sent to Tomcat via >>> mod_jk. Apache httpd 2.2.9, mod_jk 1.2.28, Tomcat 5.5.27. >> >> Off by one? >> >> https://issues.apache.org/bugzilla/show_bug.cgi?id=39637 >> >> indicates you'll need 5.5.28 ... > > Ugh! I didn't even think that a bug/incomplete feature in Tomcat could > be the reason. I just assumed that my configuration was wrong. I'll test > in 5.5.28. >
Yes, the AJP/1.3 protocol was developed way back in the days of Servlet 2.2. In the 2.2 spec, only the client cert was exposed to the servlet. It wasn't until Servlet 2.3 that the chain was exposed, but it took a long time after that to add it to AJP/1.3. > Thanks, > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAksHBkMACgkQ9CaO5/Lv0PBLRACfSrHRGFhvyiyqB5BgUnsP7apj > 1XMAnj/ngKlJ82zbSWPpjflTl8M7jOIh > =jYdV > -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
